Stray electronic-magnetic leaks used to harvest PC crypto keys

TEMPESTuous

Israeli security researchers have been able to extract encryption keys from a nearby computer by analysing stray electromagnetic radiation.

The attack by computer scientists from Tel Aviv University shows that TEMPEST-style side channel attacks are no longer just the preserve of Mission Impossible and three-letter spy agencies.

In a paper, titled ECDH Key-Extraction via Low-Bandwidth Electromagnetic Attacks on PCs, the researchers demonstrate how secret decryption keys in applications using the libgcrypt11 library might be harvested.

We show that the secret decryption keys can be extracted from PCs running the the ECDH encryption algorithm, using the electromagnetic emanations generated during the decryption process. By measuring the target's electromagnetic emanations, the attack extracts the secret decryption key within seconds, from a target located in an adjacent room across a wall.

ECDH (Elliptic Curve Diffie Hellman) is a standard public-key encryption algorithm used in OpenPGP, as specified in RFC 6637 and NIST SP800-56A. We attacked the ECDH implementation of GnuPG's libgcrypt 1.6.3 (the latest version at the time the paper was written). The attack asks for decryption of a single carefully-chosen ciphertext, iterated a few dozen times, and then uses time-frequency signal analysis techniques in order to extract from the electromagnetic leakage emitted by the target laptop during execution of ECDH decryptions.

The attack rig includes an antenna on a stand, amplifiers, software-defined radio (white box) and an analysis computer. Naturally enough, a lot of digital signal processing and number crunching is involved.

The researchers (Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer) are due to present their findings in full at the upcoming RSA Conference in San Francisco on 3 March. Security conscious computer users are advised to update their libgcrypt11 packages, something that is already happening. For example, an update for Linux distro Debian can be found here.

Many encryption packages on Windows or Macs do not support ECDH, rendering the attack irrelevant. Updates for packages that do support ECDH are already available.

Other cryptographic schemes, running on PC-class computers, are also potentially vulnerable to side-channel attacks, the researchers warn. The Israeli team has already demonstrated hacks against RSA and ElGamal, other encryption schemes. More on the Israeli team's previous work can be found in our previous story here. ®